Search results for: cyber threats

Authors: Pema Choejey, David Murray, Chun Che Fung

Abstract:

Bhutan is becoming increasingly dependent on Information and Communications Technologies (ICTs), especially the Internet for performing the daily activities of governments, businesses, and individuals. Consequently, information systems and networks are becoming more exposed and vulnerable to cybersecurity threats. This paper highlights the findings of the survey study carried out to understand the perceptions of cybersecurity implementation among government organizations in Bhutan. About 280 ICT personnel were surveyed about the effectiveness of cybersecurity implementation in their organizations. A questionnaire based on a 5 point Likert scale was used to assess the perceptions of respondents. The questions were asked on cybersecurity practices such as cybersecurity policies, awareness and training, and risk management. The survey results show that less than 50% of respondents believe that the cybersecurity implementation is effective: cybersecurity policy (40%), risk management (23%), training and awareness (28%), system development life cycle (34%); incident management (26%), and communications and operational management (40%). The findings suggest that many of the cybersecurity practices are inadequately implemented and therefore, there exist a gap in achieving a required cybersecurity posture. This study recommends government organizations to establish a comprehensive cybersecurity program with emphasis on cybersecurity policy, risk management, and awareness and training. In addition, the research study has practical implications to both government and private organizations for implementing and managing cybersecurity.

Keywords: awareness and training, cybersecurity policy, risk management, security risks

Procedia PDF Downloads 321

Authors: M. Moslehpour, S. Khorsandi

Abstract:

Due to shortage in IPv4 addresses, transition to IPv6 has gained significant momentum in recent years. Like Address Resolution Protocol (ARP) in IPv4, Neighbor Discovery Protocol (NDP) provides some functions like address resolution in IPv6. Besides functionality of NDP, it is vulnerable to some attacks. To mitigate these attacks, Internet Protocol Security (IPsec) was introduced, but it was not efficient due to its limitation. Therefore, SEND protocol is proposed to automatic protection of auto-configuration process. It is secure neighbor discovery and address resolution process. To defend against threats on NDP’s integrity and identity, Cryptographically Generated Address (CGA) and asymmetric cryptography are used by SEND. Besides advantages of SEND, its disadvantages like the computation process of CGA algorithm and sequentially of CGA generation algorithm are considerable. In this paper, we parallel this process between network resources in order to improve it. In addition, we compare the CGA generation time in self-computing and distributed-computing process. We focus on the impact of the malicious nodes on the CGA generation time in the network. According to the result, although malicious nodes participate in the generation process, CGA generation time is less than when it is computed in a one-way. By Trust Management System, detecting and insulating malicious nodes is easier.

Keywords: NDP, IPsec, SEND, CGA, modifier, malicious node, self-computing, distributed-computing

Procedia PDF Downloads 267

Authors: Jumana Majdi Qutub

Abstract:

Rationale: Cloud computing has rapidly developed the past few years. Because of the importance of providing protection for personal data used in cloud computing, the role of data protection in promoting trust and confidence in users’ data has become an important policy priority. This research examines key regulatory challenges rose by the growing use and importance of cloud computing with focusing on protection of individuals personal data. Methodology: Describing and analyzing governance challenges facing policymakers and industry in Saudi Arabia, with an account of anticipated governance responses. The aim of the research is to describe and define the regulatory challenges on cloud computing for policy making in Saudi Arabia and comparing it with potential complied issues rose in respect of transported data to EU member state. In addition, it discusses information privacy issues. Finally, the research proposes policy recommendation that would resolve concerns surrounds the privacy and effectiveness of clouds computing frameworks for data protection. Results: There are still no clear regulation in Saudi Arabia specialized in legalizing cloud computing and specialty regulations in transferring data internationally and locally. Decision makers need to review the applicable law in Saudi Arabia that protect information in cloud computing. This should be from an international and a local view in order to identify all requirements surrounding this area. It is important to educate cloud computing users about their information value and rights before putting it in the cloud to avoid further legal complications, such as making an educational program to prevent giving personal information to a bank employee. Therefore, with many kinds of cloud computing services, it is important to have it covered by the law in all aspects.

Keywords: cloud computing, cyber crime, data protection, privacy

Procedia PDF Downloads 239

Authors: Awad A. Younis, Elise Stronberg, Shifa Noor

Abstract:

Malware attacks due to end-user vulnerabilities have been noticeably increased in the past few years. Investigating the factors that make an end-user vulnerable to those attacks is critical because they can be utilized to set up proactive strategies such as awareness and education to mitigate the impacts of those attacks. Some existing studies investigated demographic, behavioral, and cultural factors that make an end-user susceptible to malware attacks. However, it has been challenging to draw more general conclusions from individual studies due to the varieties in the type of end-users and different types of malware. Therefore, we conducted a systematic literature review (SLR) of the existing research for end-user susceptibility factors to malware attacks. The results showed while some demographic factors are mostly associated with malware infection regardless of the end users' type, age, and gender are not consistent among the same and different types of end-users. Besides, the association of culture and personality factors with malware infection are consistent in most of the selected studies and for all type of end-users. Moreover, malware infection varies based on age, geographic location, and host types. We propose that future studies should carefully take into consideration the type of end-users because different end users may be exposed to different threats or be targeted based on their user domains’ characteristics. Additionally, as different types of malware use different tactics to trick end-users, taking the malware types into consideration is important.

Keywords: cybersecurity, malware, end-users, demographics, personality, culture, systematic literature review

Procedia PDF Downloads 213

Authors: Htay Htay Yi, Zin May Aye

Abstract:

Network security is role of the ICT environment because malicious users are continually growing that realm of education, business, and then related with ICT. The network security contravention is typically described and examined centrally based on a security event management system. The firewalls, Intrusion Detection System (IDS), and Intrusion Prevention System are becoming essential to monitor or prevent of potential violations, incidents attack, and imminent threats. In this system, the firewall rules are set only for where the system policies are needed. Dataset deployed in this system are derived from the testbed environment. The traffic as in DoS and PortScan traffics are applied in the testbed with firewall and IDS implementation. The network traffics are classified as normal or attacks in the existing testbed environment based on six machine learning classification methods applied in the system. It is required to be tested to get datasets and applied for DoS and PortScan. The dataset is based on CICIDS2017 and some features have been added. This system tested 26 features from the applied dataset. The system is to reduce false positive rates and to improve accuracy in the implemented testbed design. The system also proves good performance by selecting important features and comparing existing a dataset by machine learning classifiers.

Keywords: false negative rate, intrusion detection system, machine learning methods, performance

Procedia PDF Downloads 105

Authors: Cai Qianyi

Abstract:

In the midst of global digital revolution, the flow of data poses security threats that call China's existing legislative framework for protecting personal information into question. As a preliminary procedure for risk analysis and prevention, the risk assessment of personal data transmission lacks detailed guidelines for support. Existing provisions reveal unclear responsibilities for network operators and weakened rights for data subjects. Furthermore, the regulatory system's weak operability and a lack of industry self-regulation heighten data transmission hazards. This paper aims to compare the regulatory pathways for data information transmission risks between China and Europe from a legal framework and content perspective. It draws on the “Data Protection Impact Assessment Guidelines” to empower multiple stakeholders, including data processors, controllers, and subjects, while also defining obligations. In conclusion, this paper intends to solve China's digital security shortcomings by developing a more mature regulatory framework and industry self-regulation mechanisms, resulting in a win-win situation for personal data protection and the development of the digital economy.

Keywords: personal information data transmission, risk assessment, DPIA, internet service provider, personal information data transimission, risk assessment

Procedia PDF Downloads 35

Authors: María Laura Guevara Campos

Abstract:

The increasing number of vending machines makes it easy for people to find them more frequently in stores, universities, workplaces, and even hospitals. These machines usually offer products with high contents of sugar and fat, which, if consumed regularly, can result in serious health threats, as overweight and obesity. Additionally, the energy consumption of these machines tends to be high, which has an impact on the environment as well. In order to promote the consumption of healthy food, a vending machine was designed to give the customer the opportunity to choose between a customized fruit salad and a customized fruit juice, both of them prepared instantly with the ingredients selected by the customer. The main parameters considered to design the machine were: the storage of the preferred fruits in a salad and/or in a juice according to a survey, the size of the machine, the use of ecologic recipients, and the overall energy consumption. The methodology used for the design was the one proposed by the German Association of Engineers for mechatronics systems, which breaks the design process in several stages, from the elaboration of a list of requirements through the establishment of the working principles and the design concepts to the final design of the machine, which was done in a 3D modelling software. Finally, with the design of this machine, the aim is to contribute to the development and implementation of healthier vending machines that offer freshly-made products, which is not being widely attended at present.

Keywords: design, design methodology, mechatronics systems, vending machines

Procedia PDF Downloads 121

Authors: Abdullah Alhajoj, Bassam Alowaiesh

Abstract:

This work aims to reduce the risks of discharging olive mill waste directly to the environment without treatment in Sakaka City, KSA. The organic loads expressed by chemical oxygen demand (COD) and biological oxygen demand (BOD) of the produced wastewater (OMWW) as well as the solid waste (OMW) were evaluated. The wastes emitted from the three-phase centrifuge decanters was found to be higher than that emitted from the two-phase centrifuge decanters. The olive mill wastewater (OMWW) was treated using advanced oxidation combined with filtration treatment. The results indicated that the concentration of COD, BOD, TSS, oil and grease and phenol was reduced by using complex sand filtration from 72150, 21660 10256, 36430, and 1470 mg/l to 980, 421, 58, 68, and 0.35 mg/l for three-phase OMWW and from 150562, 17955, 15325, 19658 and 2153 mg/l to 1050, 501, 29, 0.75, and 0.29 mg/l, respectively. While, by using modified trickling filter (packed with the neck of waste plastic bottles the concentration of the previously mentioned parameters was reduced to 1190, 570, 55, 0.85, and 0.3 mg/l, respectively. This work supports the application of such treatment technique for reducing the environmental threats of olive mill waste effluents in Saudi Arabia.

Keywords: two-phase, three-phase, olive mill, olive oil, waste treatment, filtration, advanced oxidation, waste plastic bottles

Procedia PDF Downloads 139

Authors: Noman Ahmed, Fariha Tahseen

Abstract:

Since several decades, unplanned urbanization and rapid growth of informal settlements have evolved and increased in size and number. Large cities such as Karachi have been impacted with sprawl and rising share of unplanned settlements where poor communities reside. Threats of eviction, deteriorating law and order situation, lack of essential amenities and infrastructure, extortion and bullying from local and non-local musclemen and feeble response of government agencies towards their development needs are some predicaments. Non-governmental organizations (NGOs) have caused important interventions in such locations. Appraisal of the community-based mapping as a tool in supporting the development work in less privileged areas in Karachi has been the objective of this research. The Orangi Pilot Project (OPP), under the leadership of its slain director Perween Rahman had a significant role to play in developing and extending this approach in low income locations in Karachi and beyond. The paper investigates the application of mapping in the process of peri urban land invasion causing rapid transformation of traditional settlements in Karachi. Mixed methodology components comprising literature review, archival research, and unstructured interviews with key informants and case studies have been used.

Keywords: squatters (katchi abadis), land grabbing, community empowerment, housing rights, mapping, infrastructure development

Procedia PDF Downloads 304

Authors: Basel Halak, Christian Hall, Syed Abdul Father, Nelson Chow Wai Kit, Ruwaydah Widaad Raymode

Abstract:

The attack surface on computing devices is becoming very sophisticated, driven by the sheer increase of interconnected devices, reaching 50B in 2025, which makes it easier for adversaries to have direct access and perform well-known physical attacks. The impact of increased security vulnerability of electronic systems is exacerbated for devices that are part of the critical infrastructure or those used in military applications, where the likelihood of being targeted is very high. This continuously evolving landscape of security threats calls for a new generation of defense methods that are equally effective and adaptive. This paper proposes an intelligent defense mechanism to protect from physical tampering, it consists of a tamper detection system enhanced with machine learning capabilities, which allows it to recognize normal operating conditions, classify known physical attacks and identify new types of malicious behaviors. A prototype of the proposed system has been implemented, and its functionality has been successfully verified for two types of normal operating conditions and further four forms of physical attacks. In addition, a systematic threat modeling analysis and security validation was carried out, which indicated the proposed solution provides better protection against including information leakage, loss of data, and disruption of operation.

Keywords: anti-tamper, hardware, machine learning, physical security, embedded devices, ioT

Procedia PDF Downloads 133

Authors: Patrick May Mukonki

Abstract:

KOV pit (Kamoto Oliveira Virgule) is located 10 km from Kolwezi town, one of the mineral rich town in the Lualaba province of the Democratic Republic of Congo. The KOV pit is currently operating under the Katanga Mining Limited (KML), a Glencore-Gecamines (a State Owned Company) join venture. Recently, the mine optimization process provided a life of mine of approximately 10 years withnice pushbacks using the Datamine NPV Scheduler software. In previous KOV pit studies, we recently outlined the impact of the accuracy of the geological information on a long-term mine plan for a big copper mine such as KOV pit. The approach taken, discussed three main scenarios and outlined some weaknesses on the geological information side, and now, in this paper that we are going to develop here, we are going to highlight, as an overview, those weaknesses, strengths and opportunities, in a global SWOT analysis. The approach we are taking here is essentially descriptive in terms of steps taken to optimize KOV pit and, at every step, we categorized the challenges we faced to have a better tradeoff between what we called strengths and what we called weaknesses. The same logic is applied in terms of the opportunities and threats. The SWOT analysis conducted in this paper demonstrates that, despite a general poor ore body definition, and very rude ground water conditions, there is room for improvement for such high grade ore body.

Keywords: mine planning, mine optimization, mine scheduling, SWOT analysis

Procedia PDF Downloads 210

Authors: Yantao Li, Jun Zheng

Abstract:

Food poison caused by consumption of contaminated food, especially seafood, is one of most serious public health threats worldwide. Vibrio parahaemolyticus is emerging bacterial pathogen and the leading cause of human gastroenteritis associated with food poison, especially in the southern coastal region of China. To successfully cause disease in host, bacterial pathogens need to overcome the host-derived stresses encountered during infection. One of the toxic chemical species elaborated by the host is nitric oxide (NO). NO is generated by acidified nitrite in the stomach and by enzymes of the inducible NO synthase (iNOS) in the host cell, and is toxic to bacteria. Bacterial pathogens have evolved some mechanisms to battle with this toxic stress. Such mechanisms include genes to sense NO produced from immune system and activate others to detoxify NO toxicity, and genes to repair the damage caused by toxic reactive nitrogen species (RNS) generated during NO toxic stress. However, little is known about the NO resistance in V. parahaemolyticus. In this study, a transposon coupled with next generation sequencing (Tn-seq) technology will be utilized to identify genes for NO resistance in V. parahaemolyticus. Our strategy will include construction the saturating transposon insertion library, transposon library challenging with NO, next generation sequencing (NGS), bioinformatics analysis and verification of the identified genes in vitro and in vivo.

Keywords: vibrio parahaemolyticus, nitric oxide, tn-seq, virulence

Procedia PDF Downloads 249

Authors: Summer Jackson

Abstract:

September 11, 2001 terrorist attacks exposed weaknesses in federal law enforcement’s ability to proactively counter threats to American homeland security. Following the attacks, legislative reforms and policy changes cleared both bureaucratic and legal obstacles to anti-terrorism efforts. The Federal Bureau of Investigation (FBI) transformed into a domestic intelligence agency responsible for preventing future terrorist attacks. Likewise, the passage of the 2001 USA Patriot Act gave federal agents new discretionary powers to more easily collect intelligence on those suspected of supporting terrorism. Despite these changes, there has been only limited scholarly attention paid to terrorism responses by the federal criminal justice system. This study sought to examine the investigative and prosecutorial changes made in the Post-9/11 era. The methodology employed bivariate and multivariate statistics using data from the American Terrorism Study (ATS). This analysis examined how policy changes are reflected in the nature of terrorism investigations, the handling of terrorist defendants by federal prosecutors, and the outcomes of terrorism cases since 2001. The findings indicate significant investigative and prosecutorial changes in the Post-9/11 era. Specifically, this study found terrorism cases involved younger defendants, fewer indictees per case, less use of human intelligence, less complicated attacks, less serious charges, and more plea bargains. Overall, this study highlights the important shifts in responses to terrorism following the 9/11 attacks.

Keywords: terrorism, law enforcement, post-9/11, federal policy

Procedia PDF Downloads 103

Authors: Umesh Kumar Singh, Chanchala Joshi

Abstract:

With increasing dependency on IT infrastructure, the main objective of a system administrator is to maintain a stable and secure network, with ensuring that the network is robust enough against malicious network users like attackers and intruders. Security risk management provides a way to manage the growing threats to infrastructures or system. This paper proposes a framework for risk level estimation which uses vulnerability database National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) and the Common Vulnerability Scoring System (CVSS). The proposed framework measures the frequency of vulnerability exploitation; converges this measured frequency with standard CVSS score and estimates the security risk level which helps in automated and reasonable security management. In this paper equation for the Temporal score calculation with respect to availability of remediation plan is derived and further, frequency of exploitation is calculated with determined temporal score. The frequency of exploitation along with CVSS score is used to calculate the security risk level of the system. The proposed framework uses the CVSS vectors for risk level estimation and measures the security level of specific network environment, which assists system administrator for assessment of security risks and making decision related to mitigation of security risks.

Keywords: CVSS score, risk level, security measurement, vulnerability category

Procedia PDF Downloads 306

Authors: Habila Nuhu

Abstract:

Natural radionuclides in the environment can significantly contribute to human exposure to ionizing radiation. The knowledge of their levels in an environment can help the radiological protection agencies in policymaking. Measurement of natural radioactivity in major soils in the tin mining state of Perak Malaysia has been conducted using an HPGe detector. Seventy (70) soil samples were collected at widely distributed locations in the state. Six major soil types were sampled, and thirteen districts around the state were covered. The following were the results of the 226Ra (238U), 228Ra (232Th), and 40K activity in the soil samples: 226Ra (238U) has a mean activity concentration of 191.83 Bq kg⁻¹, more than five times the UNSCEAR reference limits of 35 Bq kg⁻¹. The mean activity concentration of 228Ra (232Th) with a value of 232.41 Bq kg⁻¹ is over seven times the UNSCEAR reference values of 30 Bq kg⁻¹. The average concentration of 40K activity was 275.24 Bq kg⁻¹, which was less than the UNSCEAR reference limit of 400 Bq Kg⁻¹. The range of external hazards index (Hₑₓ) values was from 1.03 to 2.05, while the internal hazards index (Hin) was from 1.48 to 3.08. The Hex and Hin should be less than one for minimal external and internal radiation threats as well as secure use of soil material for building construction. The Hₑₓ and Hin results generally indicate that while using the soil types and their derivatives as building materials in the study area, care must be taken.

Keywords: activity concentration, hazard index, soil samples, tin mining

Procedia PDF Downloads 94

Authors: Golyasamin Khanehzaei, Mohd. Bakri Ishak, Ahmad Makmom Hj Abdullah, Latifah Abd Manaf

Abstract:

Abstract—Management of clinical waste is a critical problem worldwide. Immediate attention is required to manage the clinical waste in an appropriate way in newly developing economy country such as Malaysia. The increasing amount of clinical waste generated is resulted from rapid urbanization and growing number of private health care facilities in developing countries such as Malaysia. In order to develop a sensible clinical waste management system and improvement of the management, information on factors affecting clinical waste generation has the crucial role. This paper is the study of management characteristics of clinical waste and the level of efficiency of clinical waste management systems operating in private clinics located in Selangor, Malaysia. Are they following the proper international standards? By taking all of this in consideration the aim of this paper is to identify and discuss the current trend, current challenges and also the present opportunities among the challenges of clinical waste management in private clinics of Selangor, Malaysia. The SWOT analysis was characterized for the evaluation of strengths, weaknesses, opportunities and threats. The methodology for this study was constituted of direct observation, Informal interviews, Conducting SWOT analysis, conduction of one sustainability dimensions analysis and application. The results show that clinical waste management in private clinics is far from an ideal model.

Keywords: clinical waste, SWOT analysis, Selangor, Malaysia

Procedia PDF Downloads 333

Authors: Ravi Kumar

Abstract:

Agricultural wastes are the non-product outcomes of agricultural processing whose monetary value is less as compared to its collection cost, transportation, and processing. When such agricultural waste is not properly disposed of, it may damage the natural environment and cause detrimental pollution in the atmosphere. Agricultural development and intensive farming methods usually result in wastes that remarkably affect the rural environments in particular and the global environment in general. Agricultural waste has toxicity latent to human beings, animals, and plants through various indirect and direct outlets. The present paper explores the various activities that result in agricultural waste and the routes that can utilize the agricultural waste in a manageable manner to reduce its adverse impact on the environment. Presently, the agricultural waste management system for ecological agriculture and sustainable development has emerged as a crucial issue for policymakers. There is an urgent need to consider agricultural wastes as prospective resources rather than undesirable in order to avoid the transmission and contamination of water, land, and air resources. Waste management includes the disposal and treatment of waste with a view to eliminate threats of waste by modifying the waste to condense the microbial load. The study concludes that proper waste utilization and management will facilitate the purification and development of the ecosystem and provide feasible biofuel resources. This proper utilization and management of these wastes for agricultural production may reduce their accumulation and further reduce environmental pollution by improving environmental health.

Keywords: agricultural waste, utilization, management, environment, health

Procedia PDF Downloads 74

Authors: Naila Sher, Mushtaq Ahmed, Nadia Mushtaq, Rahmat Ali Khan

Abstract:

In cancer therapy, nanoparticles (NPs) shall be applied possibly by inoculation in the veins of humans. This action will connect them with white (WBCs) and red blood cells (RBCs) in the bloodstream before they reach their main targeted cancer cells. However, possible effects of silver, gold, and silver/gold bimetallic NPs (Ag, Au, and Ag/Au BNPs) on baby hamster kidney-21 (BHK-21) cells were studied by MTT assay. Here, Ag, Au, and their Ag/Au BNPs (bimetallic nanoparticles) were synthesized by using Hippeastrum hybridum (HH) extract. These NPs were characterized by UV-visible spectroscopy, FT-IR, XRD, and EDX, and SEM analysis. XRD analysis conferring the crystal structure with an average size of 13.3, 10.72, and 8.34nm of Ag, Au, and Ag/Au BNPs, respectively. SEM showed that Ag, Au, and Ag/Au BNPs had irregular morphologies, with nano measures calculated sizes of 40, 30, and 20 nm respectively. EDX spectrometers confirmed the presence of elemental Ag signal of the AgNPs with 22.75%, Au signal of the AuNPs with 48.08%, Ag signal with 12%, and Au signal with 38.26% of the Ag/Au BNPs. The BHK-21cells were incubated in the existence of doxorubicin, plant extract, Ag, Au, and Ag/Au BNPs. The cytotoxic effects could be observed in a dose-dependent mode; doxorubicin and Ag/Au BNPs were more toxic than plant extract, Ag, and Au NPs. It is demonstrated that NPs interact with BHK-21cells and significantly reduce cell viability in a concentration-dependent manner. However, to reduce the potential threats of NPs further studies are recommended.

Keywords: hippeastrum hybridum, nanoparticle, BHK-21cells

Procedia PDF Downloads 113

Authors: Mohamed Rasslan, Doaa Abdelrahman, Mahmoud M. Nasreldin, Ghada Farouk, Heba K. Aslan

Abstract:

Blockchain is a distributed database that endorses transparency while bitcoin is a decentralized cryptocurrency (electronic cash) that endorses anonymity and is powered by blockchain technology. Smart contracts are programs that are stored on a blockchain. Smart contracts are executed when predetermined conditions are fulfilled. Smart contracts automate the agreement execution in order to make sure that all participants immediate-synchronism of the outcome-certainty, without any intermediary's involvement or time loss. Currently, the Bitcoin market worth billions of dollars. Bitcoin could be transferred from one purchaser to another without the need for an intermediary bank. Network nodes through cryptography verify bitcoin transactions, which are registered in a public-book called “blockchain”. Bitcoin could be replaced by other coins, merchandise, and services. Rapid growing of the bitcoin market-value, encourages its counterparts to make use of its weaknesses and exploit vulnerabilities for profit. Moreover, it motivates scientists to define known vulnerabilities, offer countermeasures, and predict future threats. In his paper, we study blockchain technology and bitcoin from the attacker’s point of view. Furthermore, mitigations for the attacks are suggested, and contemporary security solutions are discussed. Finally, research methods that achieve strict security and privacy protocol are elaborated.

Keywords: Cryptocurrencies, Blockchain, Bitcoin, Smart Contracts, Peer-to-Peer Network, Security Issues, Privacy Techniques

Procedia PDF Downloads 61

Authors: Olakunle Felix Adekunle

Abstract:

Risk management is recognised as an essential tool to tackle the inevitable uncertainty associated with business and projects at all levels. But it frequently fails to meet expectations, with projects continuing to run late, over budget or under performing, and business is not gaining the expected benefits. The evident disconnect which often occurs between strategic vision and tactical project delivery typically arises from poorly defined project objectives and inadequate attention to the proactive management of risks that could affect those objectives. One of the main failings in the traditional approach to risk management arises from a narrow focus on the downside, restricted to the technical or operational field, addressing tactical threats to processes, performance or people. This shortcoming can be overcome by widening the scope of risk management to encompass both strategic risks and upside opportunities, creating an integrated approach which can bridge the gap between strategy and tactics. Integrated risk management addresses risk across a variety of levels in the organisation, including strategy and tactics, and covering both opportunity and threat. Effective implementation of integrated risk management can produce a number of benefits to the organisation which are not available from the typical limited-scope risk process. This paper explores how to expand risk management to deliver strategic advantage while retaining its use as a tactical tool.

Keywords: risk management, success, organization, strategy, project, tactis, vision

Procedia PDF Downloads 370

Authors: Cuma Şimşek

Abstract:

Nowadays our globalized world is in a very rapid and sophisticated change. In the information age, notion of ‘information’ has begun to spread faster than ever also in this age, changes and transformation has gained tremendous momentum with technology boom. This continuous change and transformation, increased the competition between existing organizations and corporations. Besides, the organizations which show resistance to change has been put out of action in this competitive environment. It is not possible to sustain the existence of organizations without adapting to change and transformation by isolating itself from developments. As a consequence of improved communication and dialog possibilities by means of increasing knowledge level, there has been made a change of scene in administrative mentality, style and activation, especially in 21th century. Leaders emerge as the most important factor in this process of perception and success. At the same time it is not enough to adapt the alteration with conventional leadership abilities and behaviors. In parallel with alteration, new types of leadership are coming up. The optimal leadership type for our era and a trending topic "Transformational Leadership" is in great demand now. In this research, current situation of the Air Forces which use high-technology weapons efficiently, operates in an environment full of threats and is analyzed. It is evaluated that in order to be ready for war continuously and adjusting itself to changing terms of warfare atmosphere , Air Forces need ‘transformational leaders’ who are innovative, foreseeing and having a vision so that they can develop new methods and strategies for complex problems. Because it is the Air Force which is responsible for being the deterrent force of its country.

Keywords: transformational, change, air force, leadership

Procedia PDF Downloads 428

Authors: Mateusz Janas

Abstract:

Innovative implementations in the micro, small, and medium-sized enterprises (MSME) sector are among the essential activities considering the current market realities, technological advancements, and digitization trends. MSMEs play a crucial role and significantly influence the economic conditions of countries, as their competitiveness directly impacts the global economy. Business development and investment in innovation and technology are integral parts of every modern enterprise's strategy, seeking to maintain and achieve a desired competitive position. The instability of the socio-economic environment, along with contemporary changes in artificial intelligence implementation and digitization, requires businesses to adopt increasingly newer solutions and actions. Enterprises must strive to survive in the global market and build competitive positions, especially in uncertain conditions. Being aware of the significance of innovative actions is crucial for MSMEs as it enables them to enhance their operations and expand their scope. It is essential for managers and executives of MSMEs to be focused on development and innovation, as their approach will also impact their employees, emphasizing results and maximizing the company's value. Managers of MSMEs must be aware of various threats, costs, opportunities, and gains that can arise from implementing new technical and organizational solutions. Businesses must view development as an integral part of their strategy and continuously strive for improvement.

Keywords: innovation, SME, develop, management

Procedia PDF Downloads 46

Authors: Dija Sulekha

Abstract:

Nowadays, a good percentage of reported cybercrimes involve the usage of the Internet, directly or indirectly for committing the crime. Usually, Web Browsers leave traces of browsing activities on the host computer’s hard disk, which can be used by investigators to identify internet-based activities of the suspect. But criminals, who involve in some organized crimes, disable browser file generation feature to hide the evidence while doing illegal activities through the Internet. In such cases, even though browser files were not generated in the storage media of the system, traces of recent and ongoing activities were generated in the Physical Memory of the system. As a result, the analysis of Physical Memory Dump collected from the suspect's machine retrieves lots of forensically crucial information related to the browsing history of the Suspect. This information enables the cyber forensic investigators to concentrate on a few highly relevant selected artefacts while doing the Offline Forensics analysis of storage media. This paper addresses the reconstruction of web browsing activities by conducting live forensics to identify searched terms, downloaded files, visited sites, email headers, email ids, etc. from the physical memory dump collected from Windows 10 Systems. Well-known entry points are available for retrieving all the above artefacts except searched terms. The paper describes a novel methodology to retrieve the searched terms from Windows 10 Physical Memory. The searched terms retrieved in this way can be used for doing advanced file and keyword search in the storage media files reconstructed from the file system recovery in offline forensics.

Keywords: browser forensics, digital forensics, live Forensics, physical memory forensics

Procedia PDF Downloads 100

Authors: Ibrahim Sani, Suleiman Mohammed., Salisu Sulaiman, Aminu Musa

Abstract:

The fall army worm (FAW), Spodoptera frugiperda (J. E. Smith) (Lepidoptera, Noctuidae) has recently become one of the major threats to maize production in the world. It is native to tropical and subtropical America and began to spread to many African and a few Asian Countries. A survey for the observation of infestation and collection of fall armyworm was conducted in field planted with maize in the northern part of Katsina state. Eggs and immature stages were collected, place in a plastic container and brought to the laboratory for observation and study of developmental stages. FAW was identified based on the morphological characteristics, i.e. the “Y” inverted shape on the head capsule and the patterns of black spots on the abdominal segments (square and trapezoidal forms). Different growing stage of maize are affected by fall armyworm, but the damage is greatest during the early growing phase of corn. Heavy infestation on the leaves also cause defoliation. Four developmental stages (eggs larvae, pupae and adults) of the FAW were studied when fed with young corn under laboratory conditions. Furthermore, effective scouting or monitoring of FAW could be practice at early stage of growth of maize.

Keywords: infestation, katsina, maize, fall armyworm

Procedia PDF Downloads 49

Authors: Asad Rehman

Abstract:

Although a vast majority relates the concept of ‘halal’ or what is permissible in Islam to food only. However, halal industry covers many sectors such as food, fashion, transport, finance and even tourism. Halal tourism is not just about halal food; it is also about the overall experience, which is amenable with the Shariah (Islamic jurisprudence). Oman has a plethora of natural beauty and many places of interest for all types of tourists. It is one of the most secure and peaceful countries in the world. Having a well-developed Infrastructure, Oman is ready to take its tourism to new heights. The ever-hospitable Omanis are proud of their rich cultural and historical heritage. Thus, Oman appears to have all what it takes to become a prime destination for halal tourism. The objective of this study is to assess the prospects of Oman as a destination for halal tourism. Based on the interviews of experts like academicians, tourism professionals, officials and clerics, Oman’s competitiveness as a destination for halal tourism was assessed by developing a Strengths, Weaknesses, Opportunities and Threats (SWOT) profile. The findings of the SWOT were compared with the data from the Global Muslim Travel Index (GMTI) from the year 2014 to 2018. Based on the analysis, Oman is found to have the right mix of environment and enabling services for halal tourism. However, it is found lacking in public transport, communication and customer outreach. Oman is also found to be losing its rank among the top 10 destinations for halal tourism to close competitors like Qatar, Bahrain, Morocco, etc. The concerned authorities need to make conscious efforts to resolve these issues as it becomes imperative for Oman to revamp its tourism strategy.

Keywords: destination, halal, Islam, SWOT, tourism

Procedia PDF Downloads 136

Authors: Fatemeh Abdollahi, Munn-Sann Lye, Jamshid Yazdani Charati, Mehran Zarghami

Abstract:

Both obesity and intimate partner violence (IPV) are growing health threats. This study aimed to assess the prevalence and risk factors of both IPV and obesity and their association. In this cross-sectional study, 530 women aged 16-65 years attending Mazandaran primary health centers were recruited through the stratified random sampling method (2019-2020). Data were collected using the modified World Health Organization Domestic Violence questionnaire, Perceived Stress Scale, and socio-demographic, obstetric, and anthropometric questionnaires. The data were analyzed using descriptive statistics, the chi-square test, and multiple logistic regression. The prevalence of overweight, obesity and psychological, physical, and sexual IPV were 47.6%, 26.7%, 70.4%, 17.9%, and 6.4%, respectively. Increasing women’s educational level and exposure to violence during their lifespan increased the odds of any type of IPV while living in a nuclear family reduced it. In groups of women who were subjected to any type of IPV and only psychological IPV, experiencing violence during the lifespan was significant in predicting obesity. The alarming prevalence of IPV and obesity-overweight in this study points to the need for collaborative socio-political and health intervention. The link between experiencing violence during lifespan and obesity in some subgroups of women highlights the detrimental consequences of chronic violence and the urgent need for effective preventive programs.

Keywords: intimate partner violence, body mass index, obesity, risk factor, women

Procedia PDF Downloads 82

Authors: Naghmeh Moradpoor Sheykhkanloo

Abstract:

Structured Query Language Injection (SQLI) attack is a code injection technique in which malicious SQL statements are inserted into a given SQL database by simply using a web browser. Losing data, disclosing confidential information or even changing the value of data are the severe damages that SQLI attack can cause on a given database. SQLI attack has also been rated as the number-one attack among top ten web application threats on Open Web Application Security Project (OWASP). OWASP is an open community dedicated to enabling organisations to consider, develop, obtain, function, and preserve applications that can be trusted. In this paper, we propose an effective pattern recognition neural network model for detection and classification of SQLI attacks. The proposed model is built from three main elements of: a Uniform Resource Locator (URL) generator in order to generate thousands of malicious and benign URLs, a URL classifier in order to: 1) classify each generated URL to either a benign URL or a malicious URL and 2) classify the malicious URLs into different SQLI attack categories, and an NN model in order to: 1) detect either a given URL is a malicious URL or a benign URL and 2) identify the type of SQLI attack for each malicious URL. The model is first trained and then evaluated by employing thousands of benign and malicious URLs. The results of the experiments are presented in order to demonstrate the effectiveness of the proposed approach.

Keywords: neural networks, pattern recognition, SQL injection attacks, SQL injection attack classification, SQL injection attack detection

Procedia PDF Downloads 448

Authors: Smita Singh

Abstract:

The paper develops a critical framework to the hegemonic discourses resorted to by the dominant powers in the global security architecture. Within this framework, security is viewed as a discourse through which identities and threats are represented and produced to legitimize the security concerns of few at the cost of others. International security have long been driven and dominated by power relations. Since the end of the Cold War, the global transformations have triggered contestations to the idea of security at both theoretical and practical level. These widening and deepening of the concept of security have challenged the existing power hierarchies at the theoretical level but not altered the substance and actors defining it. When discourses are introduced into security studies, several critical questions erupt: how has power shaped security policies of the globe through language? How does one understand the meanings and impact of those discourses? Who decides the agenda, rules, players and outliers of the security? Language as a symbolic system and form of power is fluid and not fixed. Over the years the dominant Western powers, led by the United States of America have employed various discursive practices such as humanitarian intervention, responsibility to protect, non proliferation, human rights, war on terror and so on to reorient the constitution of identities and interests and hence the policies that need to be adopted for its actualization. These power relations are illustrated in this paper through the narratives used in the nonproliferation regime. The hierarchical security dynamics is a manifestation of the global power relations driven by many factors including discourses.

Keywords: hegemonic discourse, global security, non-proliferation regime, power politics

Procedia PDF Downloads 300

Authors: John Battersby, Rhys Ball

Abstract:

After the 15 March 2019 Mosque attacks in Christchurch, the New Zealand security sector has had to address its training and preparedness levels for dealing with contemporary terrorist threats as well as potential future manifestations of terrorism. From time to time, members of the academic community from Australia and New Zealand have been asked to assist agencies in this endeavour. In the course of 2018, New Zealand security sector professionals working in the counter-terrorism area were interviewed about how they regarded academic contributions to understanding terrorism and counter-terrorism. Responses were mixed, ranging from anti-intellectualism, a belief that the inability to access classified material rendered academic work practically useless - to some genuine interest and desire for broad based academic studies on issues practitioners did not have the time to look at. Twelve months later, researchers have revisited those spoken to prior to the Brenton Tarrant 15 March shooting to establish if there has been a change in the way academic research is perceived, viewed and valued, and what key factors have contributed to this shift in thinking. This paper takes this data, combined with a consideration of the literature on higher education within professional police and intelligence forces, and on the general perception of academics by practitioners, to present a series of findings that will contribute to a more proactive and effective set of engagements, between two distinct but important security sectors, that reflect more closely with international practice.

Keywords: academic, counter terrorism, intelligence, practitioner, research, security

Procedia PDF Downloads 88

Authors: Nemanja Kajtez, Yue Zhan, Basel Halak

Abstract:

The significant rise in the cost of manufacturing of nanoscale integrated circuits (IC) has led the majority of IC design companies to outsource the fabrication of their products to other companies, often located in different countries. This multinational nature of the hardware supply chain has led to a host of security threats, including IP piracy, IC overproduction, and Trojan insertion. To combat that, researchers have proposed logic locking techniques to protect the intellectual properties of the design and increase the difficulty of malicious modification of its functionality. However, the adoption of logic locking approaches is rather slow due to the lack of the integration with IC production process and the lack of efficacy of existing algorithms. This work automates the logic locking process by developing software using Python that performs the locking on a gate-level netlist and can be integrated with the existing digital synthesis tools. Analysis of the latest logic locking algorithms has demonstrated that the SFLL-HD algorithm is one of the most secure and versatile in trading-off levels of protection against different types of attacks and was thus selected for implementation. The presented tool can also be expanded to incorporate the latest locking mechanisms to keep up with the fast-paced development in this field. The paper also presents a case study to demonstrate the functionality of the tool and how it could be used to explore the design space and compare different locking solutions. The source code of this tool is available freely from (https://www.researchgate.net/publication/353195333_Source_Code_for_The_Lockit_Tool).

Keywords: design automation, hardware security, IP piracy, logic locking

Procedia PDF Downloads 161